September 5, 2001

SuSE: 'screen' vulnerability

Author: JT Smith

From LinuxSecurity.com: "screen is a terminal multiplexer program that allows reattaching to
a detached session as well as multi-attached (shared) sessions.

The screen package allows a local attacker to obtain root privileges if
the /usr/bin/screen command is installed setuid root and if a directory
below /tmp/screens/ exists."

Category:

  • Linux
Click Here!